Hacker News new | past | comments | ask | show | jobs | submit login
What are the drawbacks of forcing companies to reveal their password schemes?
3 points by ilitirit on June 7, 2012 | hide | past | favorite
I'm talking about something where public companies like Google, Microsoft, Sony etc are bound by law to reveal information about how they secure your passwords (and possibly data?).

I also don't mean reveal their entire infrastructure or algorithms. Just something that says eg.

"We don't store your password. We stored a salted hash in a secure location that only two people have access to. We use a hashing algorithm that's known to be secure in combination with another scheme developed by our own cryptographers."




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: